III. REMARKS 


1. Claims 1-10 are not anticipated by Deinhart et al . 
("Deinhart") under 35 U.S.C. §102 (b) . 

Applicant's invention, according to claim 1, recites "automated 
creation of roles." This is not disclosed or suggested by 
Deinhart. 

Deinhart describes a method and system for registration, 
authorization and control of access rights in a distributed 
computer system of an enterprise based on parameterized role 
types . A parameterized role type can be instantiated into role 
instances equivalent to roles . The required parameters are 
provided by the subject of the computer system. (Col. 3, lines 
11-12) . In Deinhart, a role type is a template for defining the 
types of access rights , obj ects , and transactions necessary to 
carry out a set of functional tasks in an enterprise. (Col. 3, 
lines 52-59) . A role instance defines a set of concrete and 
specific competencies and therefore binds the competencies 
defined by a role type to the objects and access rights specific 
to an organization unit or a job position. (Col. 3, lines 60- 
64) . A security administrator must be able to "associate" these 
rights, objects, and transactions with the job positions of the 
enterprise organization. (Col. 7, lines 26-29). 

For instantiation of parameterized role types, at first, for each 
organization unit and for each job position of an enterprise, a 
set of attributes has to be declared as relevant, and the 
attributes are said to be advertised . (Col. 8, lines 10-51). 

If a job position is combined with at least one role type, then 
the role instances can be created by instantiating the role types 
by automated derivation . 
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Deinhart is based on a data base, that must be firstly created by 
finding the attributes . 

Contrary to Deinhart, Applicant's invention describes a process 
for the automated creation of roles . The process is based on a 
data base concerning the security data of an enterprise. 
Similarities in this data are used to create organizational 
and/or functional roles without first declaring attributes that 
describe the organization and/or job positions. 

In Applicant's invention, the loaded security data is mined for 
similarities and the security data is grouped into roles. (Page 
4, lines 24-25). Discovered similarities can be converted into 
role attributes. This is not disclosed or suggested by Deinhart. 
Thus, claim 1 is not anticipated. 

Claims 2-10 should be allowable at least in view of their 
respective dependencies . 

For all of. the foregoing reasons, it is respectfully submitted 
that all of the claims now present in the application are clearly 
novel and patentable over the prior art of record, and are in 
proper form for allowance. Accordingly, favorable 

reconsideration and allowance is respectfully requested. Should 
any unresolved issues remain, the Examiner is invited to call 
Applicants' attorney at the telephone number indicated below. 

A check in the amount of $110 is enclosed for a one-month 
extension of time. The Commissioner is hereby authorized to 
charge payment for any fees associated with this communication or 
credit any over payment to Deposit Account No. 16-1350. 
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spectfully submitted, 
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Perman & Green, LLP 
425 Post Road 
Fairfield, CT 06824 
(203) 259-1800 Ext. 
Customer No. : 2512 
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